Blog Posts Tagged with "Penetration Testing"

As a main area of our interest, PCI v3.0 enhances the Penetration Testing requirement by adding guidelines that help both the organizations and the auditors to better show and understand two important areas of concern in every PCI compliance effort.

Before you perform your next security verification activity, make sure you have software security requirements to measure against and that you define which requirements are in-scope for the verification.

Information security has a problem. We make far too many decisions without having reliable data to assist in our decision making process. Because of this, far too many information security professionals use what I call Gut 1.0 to make decisions based on gut feel...

Small business owners often don't have someone who is versed in network security. So when they are told they need a “network penetration test” to comply with PCI DSS, many will contact the growing number of companies offering inexpensive testing services...

If you would like to contribute, please shoot me a tweet, a email, a... anything and I will gladly add you to the permissions to edit. Honestly it just became so overwhelming that every time I thought to add something I would cringe away because I know I'd spend most of time fixing them...

Ever set up a multi/handler and get an odd IP hitting it? You might have just been caught. AV Tracker is a site that tracks the different IP addresses, hostnames, computer names and user agents that AV and other submit-your-malware-here drop boxes use...

We know all that many users are local administrators. We also know we can send or drop binaries to these users and they will run whatever we want them to. The problem lies in when they run the binary if they don’t run it as admin we may not be able to get system level access. To be honest that is the level I want...

What information is being broadcast by your computers, company, or employees, that don’t show up in a software scan? Many companies think that if they just run a vulnerability scan and it passes that they are good, but is this an accurate test of your network security?

Watching Egypt’s talk at DEFCON 20 he mentioned the ability to jump on on a system when pageant (puTTY’s ssh-agent equivalent) is running. So I wanted to figure out the best way to get this going. Here is what I came up with...

Cyber genius David Kennedy (aka The Mad Hugger) and his rockstar team have done it again. Just when you thought your Anti-Virus was safe, the TrustedSec team has shown once again that pinning all your corporate security hope on AV protection alone is not a good strategy...

For mimikatz to automatically send commands require double quotes in the command line arguments, so we use single quotes in meterpreter to encircle the execute arguments (-a). Running first "sekurlsa::logonPasswords full" then 'exit' to auto-exit mimikatz console...

As a Penetration Tester, this vulnerability is sought out because it is highly reliable and very low risk. As an attacker, the fact is the attack still works. The vulnerability was widely used in conjunction with the Conficker worm, which affected more than 9 to 15 million systems...

So it turns out that Windows Firewall talks IP addresses just like any other firewall, so if you configure FakeNetBIOSNS to tell everyone that the IP address for whatever they looked up is YOUR IP, guess what, no need to bypass the spoof filters...

This post will discuss Volatility’s new Linux features for recovering network information including enumerating sockets, network connections, and packet contents, and will discuss each plugin along with implementation, how to use it, output, and which forensics scenarios apply...

You pop a box, get your meterpreter shell at the end of the day. You leave your shell, come back in the morning and find out the connection dropped because the system rebooted. Luckily @Carlos_Perez/Darkoperator made a persistence script that is included in Metasploit...